Infrastructure as Code

Challenges

Given the challenges of building and maintaining complex software, it is really hard to manage the provisioning, orchestration, build and deployment of applications easily. Fortunately, there are tools and methodologies that help.

What is infrastructure as code

Infrastructure as code, or programmable infrastructure, means writing code (which can be done using a high level language or any descriptive language) to manage configurations and automate provisioning of infrastructure in addition to deployments. This is not simply writing scripts, but involves using tested and proven software development practices that are already being used in application development.

Key Concepts

Version Control – If you can establish your infrastructure through code, you gain the ability to use version control on your infrastructure. Therefore, you can easily track all the changes or roll back your infrastructure environment.

Idempotent – If a task required for the infrastructure has already been executed on the machine, the task will not be run again. In other words, it just ensures the machine is in the required state, and you can run it many times without issue.

Portable – You can test the same infrastructure code on a Vagrant VM, on an AWS EC2 instance, on a “real” Linux machine or on Docker.

Containerization – You may need to safely execute custom, and potentially harmful, code in a sandbox so that it does not affect the rest of the box. For example, you may have two apps that run on different Python versions, such as v2.7 and v3.5. It is always painful to have both running together on the same box. The idea of containerization is to let you do that without the containers affecting each other.

Speed/lightweight – You want to build up the environment fast, and full-blown VMs prove hard to juggle when testing and developing.
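
The idempotency property described above, as an added example (not code from the original article or from Ansible): a hypothetical `ensure_setting` task converges a file to a required state and reports whether it had to change anything, the same changed/ok distinction configuration tools report. The function name, the constructed `sshd_config`-style sample file and the `PermitRootLogin` setting are assumptions chosen for illustration.

```python
import os
import stat
import tempfile


def ensure_setting(path, key, value, mode=0o600):
    """Converge `path` to one `key value` line and file mode `mode`; return True if changed."""
    wanted = f"{key} {value}"
    try:
        with open(path, encoding="utf-8") as fh:
            lines = fh.read().splitlines()
    except FileNotFoundError:
        lines = []

    # Rewrite the first line for `key` in place and drop any duplicates.
    new_lines, seen = [], False
    for ln in lines:
        if ln.split(None, 1)[:1] == [key]:
            if not seen:
                new_lines.append(wanted)
                seen = True
            continue
        new_lines.append(ln)
    if not seen:
        new_lines.append(wanted)

    changed = False
    if new_lines != lines:  # only write when the content differs
        fd, tmp = tempfile.mkstemp(dir=os.path.dirname(path) or ".")
        with os.fdopen(fd, "w", encoding="utf-8") as fh:
            fh.write("\n".join(new_lines) + "\n")
        os.replace(tmp, path)  # atomic swap, no half-written config
        changed = True
    if stat.S_IMODE(os.stat(path).st_mode) != mode:
        os.chmod(path, mode)
        changed = True
    return changed


def demo():
    """Run the task three times on a constructed file; return what happened."""
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "sshd_config")  # constructed sample file
        with open(path, "w", encoding="utf-8") as fh:
            fh.write("Port 22\nPermitRootLogin yes\nPermitRootLogin yes\n")
        os.chmod(path, 0o644)
        runs = [ensure_setting(path, "PermitRootLogin", "no") for _ in range(3)]
        with open(path, encoding="utf-8") as fh:
            return runs, fh.read(), stat.S_IMODE(os.stat(path).st_mode)
```

Only the first run reports a change; the later runs find the file already in the required state and leave it untouched, which is what makes it safe to re-run the task on every deployment to correct drift.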

Tools

docker – Docker is a Linux container engine, written in Go and based on lxc (self-described as “chroot on steroids”) and AUFS. Instead of providing a full VM, like you get with Vagrant, Docker provides lightweight containers that share the same kernel and let you safely execute independent processes. From a Dockerfile, it builds a container image with all configuration automagically set up. If you have multiple containers that work together, you can use docker-compose to orchestrate them.

ansible – Ansible is an IT automation engine written in Python. With Ansible it is possible to automate provisioning, orchestration, configuration management and deployment of applications. You can view it as a better alternative to docker-compose. The key difference is that docker-compose can only do one thing: manage Docker containers. Ansible can do that too, and it can also do everything else that Ansible does, all in the same playbook. You can check out this article and that article for more reasons to use Ansible.

puppet – This is an in-depth article comparing Puppet with Ansible. I will stick with Ansible, as its learning curve is less steep.

vagrant – The only reason you could want to use Vagrant is if you need to do BSD, Windows or other non-Linux development on your Ubuntu box. Otherwise, go for Docker.

Industry Notes

Do NOT try to use Docker as a VM replacement or to run “entire systems” – Phusion have pointed out that the base Docker images available lack a number of important system settings and services, so trying to run Docker containers as a substitute for a “real” system/VM can be fraught with potential issues.

Manage Docker hosts with Ansible – With Ansible, you just need a primary machine, and you can use it to issue commands to the remote hosts. So, you can use it to install Docker on them, and then you can run Docker commands on them from then on. See reference.

How Ansible, Docker and Vagrant work together – Each tool plays a role, and this article shows you how they work together seamlessly.

How to do Continuous Integration/Deployment with Docker, Ansible and Jenkins – With the knowledge of the tools mentioned in this article, you may want to see how they fit into the continuous integration and deployment process. This article gives you a great overview.